Volume 17, Number 8
December 2000

Linking Home and Remote Offices

The Virtual Lawyer

By Ross Kodner and Sheryn Bruehl

Remote access is "high demand" technology for small law firms. With more mobile lawyers toting laptops; more work-at-home, telecommuting "virtual lawyers"; staff and lawyers on parental or family medical leave; and even lawyers and staff with home PC systems, the demand for maximum reliability, "idiot proof" remote access to law office systems has soared.

Telecommuting and "virtual lawyering" help to meet not only the needs of our lifestyles but also the expectations of our clients. Spoiled by the digital age, clients are coming to expect immediate access to information and services in all aspects of their business and personal lives. As those demands evolve, more and more law firms are adopting and promoting to clients the credo, "anytime, anywhere," and remote access capabilities have to expand to handle the heightened demand.

However, with the promise of remote access comes a dark side: It is far too easy to underestimate the complexity of remote access. Failure to properly plan your remote access strategy, provide for security, and address user expectations and training can quickly turn this miracle of modern technology into a techno.disaster, leaving you and your users frustrated, and potentially compromising the security of your network and client data.

As one commentator noted: "Remote access is not a server in a closet that just works. It is a tether of technology that binds users closer to the [office network], a connection that in their mind is just as reliable as what's at their desk in the office. It is a rope of technology in which there is just enough slack to hang yourself." We couldn't have said it better ourselves. So you stand warned: Careful planning is essential for successful remote access systems!

Modern remote access goes well beyond the days of banks of dedicated PCs enabling remote control access with PC Anywhere or Carbon Copy. The good news is, it works better and is faster, and you have lots more "connection flexibility" than ever before. The key, however, is understanding your remote access "big picture."

Ask questions first. Determine who your mobile lawyers are likely to be. Do they have PC communications savvy? Where will they need to dial in from? Home? Hotels? Courts? Other law firms? Airports? What kinds of systems will they use when dialing in? Will they have access to high-speed Internet connections? How many virtual lawyers will be dialing in at once? What office programs do your telecommuters need to access?

Remote Access in a Nutshell

The concept is pretty simple-and there are three basic ways to make it happen: remote node access, remote control access, and virtual private networking or web access.

With remote node access, you actually log into your office network, but it's a phone line connecting you instead of the network cables installed in your office. With regular telephone lines, remote node access is far slower than the network cabling in your office, and is usually too slow to run programs. However, it is fine for accessing files to transfer back to your laptop or remote PC. High-speed Internet access improves the performance somewhat, however.

Remote control access differs from remote node access, in that you don't simply connect to the network, you actually take control of a PC already on the network. It's like having a 30-mile keyboard, mouse, and monitor extension cable to run an office PC from home-letting you run programs that exist only on your office PCs and access your data. However, as with remote node access-and especially so with remote control-you must be conscious of the "speed expectation gap" between the 10/100 mbps speed your users are used to when in the office and the slower speed when remotely accessing the firm's network and PCs via a telephone line.

Even though the available software does a good job of optimizing data for transmission, there is still a tremendous amount of traffic that must pass between the office and remote PCs. It must travel long distances at relatively slow speeds. Performance, especially for highly graphic programs, can be substantially impaired. If you are going to use remote control software, it is important to remind high-demand, low-tolerance, super-busy users that they simply cannot expect office network speeds (in fact, it doesn't hurt to remind them that it is something of a miracle that remote access works at all). However, with the increased availability and rapidly lowering prices of high bandwidth connections such as cable modems, DSL, and even satellite connections (DirecPC), it is beginning to be more practical and comfortable to use.

Virtual private networking (VPN) is pretty similar to remote node access except that it is the Internet that gets you connected to the office, using Microsoft's Point to Point Tunneling Protocol (PPTP) instead of a telephone line, and a web browser is your interface.

So how do you decide whether to use VPN or remote node access or remote control? It's a question of the applications you want to use. If all you need is data access, you are a perfect candidate for remote node and virtual private network access. However, if you need access to programs running on your system, you either need remote control access, or programs that are customized to use a Web browser interface as a method of access.

Normally, "data access" only will get you documents, e-mail, and interoffice messages (depending on the program) and calendar or case management information if there is a "remote" module for the program you use. But you'll most likely need "program access" to use your document management systems, legal research (if you use CD-ROMs), litigation support and imaging systems, time entry (although remote modules do exist), and some case management and firm databases (though many now have remote access modules or are web-enabled).

If you must access your programs, there are two ways to access your system with remote control software. You can dial into a dedicated "host" PC that sits and awaits the call from the mobile lawyer. Or, you can dial into a remote control "gateway" that redirects the session to a PC elsewhere on the office network that has remote control software loaded and waiting to accept the incoming call. The host method (dialing into a PC) used to be the only way to manage remote control. It required individual "racks" of actual PCs, which could be expensive, difficult to manage, and notoriously unreliable (there are few options available to unlock a "frozen" PC remotely). It also provided an unfamiliar working environment for the user, making access more difficult and frustrating.

The other alternative was to have individual dedicated phone lines to access each computer-also an expensive solution, but with the advantage of providing a familiar working environment. Now, however, using the "gateway" approach (with software included in the high-value, low-cost Microsoft Small Business Server bundle or Netware for Small Business packages, or in pcAnywhere 9.x or later), incoming calls can be routed right to the office PC of the remote user. Remote users see their own Windows desktop and their own programs, and are working in a familiar environment. It also means that only one PC needs to have an Internet connection, so long as both are connected to the network, and that multiple users can share a single "entry point" into the firm (though not at the same time).

Network Software Options

Novell's Netware Connect is the original leader in remote access to networks. Novell's Netware Connect (now a part of the high-value Netware for Small Business suite) adds "modem pool" capability to Netware systems. Netware Connect supports remote node connections and can also serve as a gateway, directing a remote control session to a waiting PC on the network. It supports up to 32 connections per server, and multiple servers are possible. Add Novell's BorderManager firewall, and you can keep it all secure and keep the bad guys out.

Windows NT Server 4.0 and Remote Access Server (RAS) were Windows' revolution in remote node access. Remote Access Server, which comes with Windows NT Server 4.0 at no additional charge, provides dial-in users with a remote node connection to a network, much in the manner that Netware Connect does for Novell Netware servers. Remote/"client" machines use regular Windows 95/98 Dial Up Networking via an Internet connection, but there are also "clients" available for Windows 3.x Workgroups and DOS systems.

Windows NT Server 4.0, RAS and the Net. For users with DSL or cable connections who are not using dial up, Point to Point Tunneling Protocol (PPTP) is the hottest feature in NT's remote access arsenal. PPTP allows a secure data "tunnel" over an unsecure public network (the Internet)-in other words, remote users can piggyback across the Net, using it as a link to the RAS server. This forms the core of a VPN-the Internet replaces the traditional Wide Area Network "cloud" that most of us know as the public Internet. You can even use RAS as a remote control gateway with pcAnywhere to a LAN-based PC waiting as a host.

Tired of the techno.talk? Here's how it works: To make the Internet-routed RAS connection, establish a static IP address tied to your firm's domain name (you do have a domain name, right?). Then the remote user creates a regular Windows 95/98 DUN connection, dials into a regular ISP, and accesses you via the static IP address. RAS handles authentication and the user is in. It's that simple! This would even allow access to your firm's web server, which can run on the same NT system as RAS.

Citrix as a Remote Access Option

Citrix Metaframe systems can provide stellar remote performance for the "larger" small firm that is able to afford it. The Citrix approach is different-it is sort of like the old "dumb terminal" approach but in a devilishly clever and effective twenty-first century way. With Citrix, only screen updates, mouse clicks and keystrokes are passed to the remote PC, which means that the remote PCs can be "trailing edge" (read, ancient) systems and can be running a variety of different types of operating systems. In fact, the company prides itself on being able "to deliver any application to any device over any connection." The catch is that it is not cheap (it starts at about $4,500 retail for the software alone). This is clearly a Ferrari approach in terms of performance with Chevy reliability at a Mercedes E-class kind of price (how's that for a tortured auto analogy?). In other words, it offers tremendous performance-the only real remote access solution that bridges the normal gap between virtual users' expectations and reality. It does this with rock-solid reliability if it's set up properly. And the price is high, but not unaffordable. If you want the best, it costs.

The Wave of the Future

The web has revolutionized remote access, and extranets and VPNs are the wave of the future. Here's why:

  • All your users need is a web browser and a Net connection.
  • Access is through a web server and presumably a firewall for security and authentication.
  • The only catch is that you need web-accessible content-all the substance your users need to access...but you're already readying it, right?
  • Both Lotus Notes via Domino and GroupWise via the web access modules take a "get it now" approach to some information, without any HTML conversion required.

Ideally, your goal should be able to remotely access all your programs with a web browser and an ordinary (but secure) Internet connection. Web-smart programs are appearing every day that make virtual lawyering easier. Current examples include Novell GroupWise with WebAccess (e-mail, calendars, to-do lists, scheduling, Rolodex); Worldox/WEB document management, iManage's document management web interface and PC DOCS' Cyberdocs (another web-based document management interface), internal research "link pages" and intranet information; case management programs, including ProLaw Portal and Time Matters World Edition; and more and more applications all the time.

Not willing to invest in Novell or Windows NT solutions? Well, pcAnywhere 9.0 is still the king of remote control. It's as quick as remote control gets; can work across modems, or any TCP/IP faster connection; has all sorts of security built in, including the Public Key approach; and has very quick file transfer and "chat" capabilities. It comes in less expensive host-only and remote-only versions, and is useful not only for remote access, but also can be used internally to support other people on your network from a central location.

In addition, pcAnywhere gives a full-screen view of the PC you dial into-with only an unobtrusive "toolbar" at the top of the screen providing access to file transfer, session recording, chatting, and ending the remote access session. You'll see that pcAnywhere's file transfer is "drag and drop"-simple and lightning fast. Still, remote access is relatively slow, and when accessing via modem, it usually makes sense to transfer files back to your remote PC, disconnect, work on them with "local" programs, and reconnect to transfer the finished files back to the host PC.

Other useful and popular remote access products include: pcTelecommute from Symantec; Timbuktu Pro from netopia; Virtual Network Computing (VNC) from AT&T (UK); WinFax Pro from Symantec; Stac's ReachOut; LapLink Pro from Traveling Software; and Citrix.

Just Need the Fax?

One essential remote access tool is the ability to send and receive faxes remotely. Laptop users, in particular, have no effective way to keep their machines hooked up to send and receive faxes. For outbound faxing only, WinFAX Pro is a simple and inexpensive fax engine. Simply create or scan your document, and use the "print" function of your program to launch the fax.

WinFAX works well on a dialup connection where your machine can call the other fax machine, but what about using it on an always-on Internet connection, such as cable modem, DSL, or ISDN?

And what about receiving faxes? Use eFAX or jFAX Internet fax services. Internet fax services will assign you an incoming fax number, which receives faxes and forwards them to you via e-mail. If you are not connected, they sit on your e-mail server just like any other e-mail, until you check in. At eFAX, this service is free. For a nominal charge, you can get toll-free access, and for a little more, you can get the ability to send faxes via e-mail. Simply create the fax, "print" it using the fax driver as your printer selection, and the program creates an e-mail to the eFAX service center with your fax attached. Within a few minutes, the fax is forwarded to the recipient's fax machine as a regular fax.

The Bad Guys Want to Ruin Your Techno.Day

Effective remote access can be a wonderful productivity tool, and the ability to work effectively wherever you are can be life-transforming (for good or bad, depending on how you use it). But, you must be savvy about security. Most of these methods of access require that your office system be online all the time, which dramatically increases the risk of random or malicious unauthorized access to your system. You need firewall hardware and/or software to protect your valuable information. The discussion of exactly what you need exceeds the scope of this article, but we encourage you to do your research or get knowledgeable advice to make sure that you do it right.

Ross Kodner (rkodner@microlaw.com) is president and founder of MicroLaw, Inc., a Milwaukee-based legal technology consultancy and turnkey legal automation system provider. He chairs the ABA Law Practice Management Section's Computer & Technology Division and serves on the ABA TECHSHOW executive planning board. He is a member of the editorial board of Technology & Practice Guide. Sheryn Bruehl (sbruehl@compuserve.com) is a managing partner in the Norman, Oklahoma, firm of Bruehl & Chapman, P.C., where she practices worker's compensation law. She administers an eight-computer network for four attorneys and two support staff. She is an active member of the ABA Law Practice Management Section and is the vice-chair of its Computer & Technology Division.

Back to Top